3 matches found
CVE-2024-8581 Path Traversal in parisneo/lollms-webui
A vulnerability in the uploadapp function of parisneo/lollms-webui V12 Strawberry allows an attacker to delete any file or directory on the system. The function does not implement user input filtering with the filename value, causing a Path Traversal error...
LoLLMs Web UI 代码注入漏洞
LoLLMs Web UI is a web user interface for large languages and multimodal systems by the individual developer Saifeddine ALOUI. A code injection vulnerability exists in LoLLMs Web UI version V12, which stems from the uploadapp function not filtering user input, which could result in a path travers...
PT-2025-12241 · Unknown · Parisneo/Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version V12 Strawberry Description: A Denial of Service DoS issue exists due to the application's handling of multipart boundaries in file upload endpoints. Despite CSRF protection, the server processes these boundaries,...